Information Assurance Engineer

Description

Cybersecurity/RMF/COMSEC Support

Information Assurance Engineer / Network Security Engineer / ISSO - Provide cybersecurity officers and engineers to assist with supporting accrediting, risk mitigation, and reporting in support of DOD policy, directives, instructions, and guidance. Develop and track status of RMF artifacts for system security accreditation, amendments, and System Security Update Plan (SSUP).

Information Assurance Engineer – Requires TS/SCI and IAT Level III (CISSP Preferred)

· Develop Security plan of action and milestones (POA&M) for all open security findings identified on the end-to-end enterprise infrastructure (Data Center, SATCOM Gateway, and deployed kits).

· Conduct weekly meetings to track the security process, status of the accreditation package and finding resolution on the enterprise infrastructure.

· Maintain documentation identifying what cybersecurity STIG, checklist, or control requirements apply for every component or software in the enterprise infrastructure (Data center, SATCOM Gateway, and deployed kits).

· Ensure proper configuration management procedures are followed prior to implementation and contingent upon necessary approval. Coordinate changes or modifications with the security manager, ISSM, and J6 directorate. 

· Track all implementation information for assurance directed guidelines for all hardware as well as applicable software ensuring proper security for the JCSE Enterprise. Provide tracking and summary reports based on findings to leadership. Implementation actions include but are not limited to STIGs, compliant patch implementation/management, Information Assurance Vulnerability Management (IAVM) compliance, integration/ implementation of network or firewall approved devices, and react appropriately to cyber threats.

· Support and perform DoD Risk Management Framework (RMF) in accordance with CNSSI 1253 and NIST 800-53 (all revisions) for IA controls; 8570/8140 for IA Workforce training and DCID 6/3 for protection of sensitive compartmented information. This also includes the updates required for the JCSE packages and all updated instructions which support the Assess and Authorize (A&A) process. 

· Provide technical support and guidance to the cybersecurity team as part of maintaining the JCSE IA processes and procedures in support of computer network defense in-depth protection for the JCSE enterprise infrastructure. Recommend network configuration, policy, training, operational or other changes/updates based on assessed risks.

· Coordinate with internal and external organizations, agencies and activities to support resolution of security issues, accreditation and waiver requests that impact the ability to obtain connection approval. Recommend connection approval, disapproval or modification based on security risks and system vulnerabilities.

· Maintain Security Test and Evaluation (ST&E) and Certification Test and Evaluation (CT&E) plans, as required.

· Maintain configuration documentation for the JCSE Enterprise to include: network diagrams, technical sensor/administrative & policy POCs, and related information.

Physical Demands and Work Environment 

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this position. Reasonable accommodations may be made to enable individuals with disabilities to perform these functions.

While performing the duties of this position, the employee is regularly required to talk or hear. The employee frequently is required to use hands or fingers, handle or feel objects, tools, or controls. The employee is occasionally required to stand; walk; sit; and reach with hands and arms. The employee must occasionally lift and/or move up to 25 pounds. Specific vision abilities required by this position include close vision, distance vision, and the ability to adjust focus. The noise level in the work environment is usually low to moderate. 

Travel

Up to 10%

Shift

Hours and shift determined by location.